Apple’s Leopard Server appears to have a major bug that is causing havoc for those users unlucky enough to see it occur on a daily basis.
DirectoryService is crashing on users of Leopard Server. This in itself isn’t a big problem – Leopard Server restarts
DirectoryService if it fails. The problem is with
AppleFileServer seems to lose the ability to authenticate users with the new instance of
DirectoryService. This means Time Machine backups stop working, and users can’t mount the server using
Currently, as of 10.5.2, this has still not been fixed. Apple have apparently given users suggestions such as sending a
HUP signal to
AppleFileServer at regular intervals to get things back on track, but in my limited testing, this doesn’t work – leaving the user with the ability to only mount certain shares.
The only reliable solution I’ve found is to restart
AFP. Obviously we don’t want to do that all the time – it should only be done when
DirectoryService crashes. To do this, I’ve built the following launchd daemon. Basically, it works as follows:
The daemon watches the
/Library/Logs/Crashes directory, and wait until a crash occurs. When it does, it runs a script that checks to see if the crash was a
DirectoryService crash, moves these crash files away in to a sub-directory, and restarts
Not a great solution, as if someone is connected at the time, they get booted and have to remount. I’m experimenting with other fixes people have listed that don’t require AFP to be restarted, but so far I’ve found they don’t seem to work consistently.
You can download the daemon here.
Once downloaded, uncompress the file (double click in Finder). Safari may unzip it automatically for you.
From a Terminal,
cd to the unzipped folder (if downloaded from Safari, by default it will be in
Now, type the following. Note that you need to be logged in as an administrator, and you will be asked for the administrator password in order to do the first operation.
sudo mkdir \
sudo cp com.curmi.restartafp.plist \
sudo cp restartafpondscrash.sh \
sudo chmod a+x \
sudo launchctl load \
To test this is working, you can do the following, and check
/var/logs/system.log to see if it mentions the restart.
sudo touch \
If for some reason you want to uninstall, run the following commands from the Terminal.
sudo launchctl unload \
sudo rm \
sudo rm /usr/local/bin/restartafpondscrash.sh
sudo mv \
sudo rmdir \
I hope this is useful to others out there. I’ve filed this bug with apple (radar bug report number 5836741), and I hope Apple fixes it soon.
The fix I’m currently trialling was listed here, and suggests that rather than doing:
serveradmin stop afp
serveradmin start afp
in the script, we do:
serveradmin settings afp:authenticationMode = "standard"
serveradmin settings afp:authenticationMode = "standard_and_kerberos"
I’ve tested this and it didn’t seem to work, but I’ll try it again just in case. I’m sure DirectoryService will crash on us sometime tomorrow to confirm if the fix works or not.